718183 - Provide native systemd unit file Gathered from following upstream git commits and backported to 5.7. commit 19499c3c90bf9d7b2b9e5d08baa26cc6bba28a11 Author: Jan Safranek Date: Mon Aug 8 15:48:54 2011 +0200 CHANGES: snmpd: integrated with systemd, see README.systemd for details. It brings sd-daemon.c and .h directly downloaded from systemd. I've made very few changes to it to match our NETSNMP_NO_SYSTEMD and include paths. commit fef6cddfdb94da1a6b1fb768af62918b80f11fd3 Author: Jan Safranek Date: Mon Aug 8 15:48:54 2011 +0200 CHANGES: snmptrapd: integrate systemd notification support. commit 0641e43c694c485cbbffef0556efc4641bd3ff50 Author: Jan Safranek Date: Mon Aug 8 15:48:54 2011 +0200 Add sd_find_inet_socket() and sd_find_inet_unisx() helpers into system-specific code. This will help us to find various sockets created by systemd much easier. commit 76530a89f1c8bbd0b63acce63e10d5d4812a1a16 Author: Jan Safranek Date: Mon Aug 8 15:48:54 2011 +0200 Check sockets created by systemd when opening new server sockets. systemd can pass sockets to our daemons during startup using LISTEN_FDS environment variable. So check this variable when opening new listening socket - maybe system has already opened the socket for us. commit bf108d7f1354f6276fc43c129963f2c49b9fc242 Author: Jan Safranek Date: Mon Aug 8 15:48:54 2011 +0200 Added sample systemd service files. commit 884ec488a6596380ba283d707827dd926a52e0b2 Author: Jan Safranek Date: Mon Aug 8 15:48:55 2011 +0200 Run autoheader+autoconf. commit 86132e3f1e6ef7b4e0b96d8fa24e37c81b71b0e0 Author: Jan Safranek Date: Tue Aug 9 10:53:43 2011 +0200 Update systemd documentation and samples. - add socket unit for snmpd to paralelize boot - update WantedBy in socket units as recommended by http://0pointer.de/blog/projects/socket-activation.html - rephrase README.systemd diff -up net-snmp-5.7.3/agent/snmpd.c.MPGqYh net-snmp-5.7.3/agent/snmpd.c --- net-snmp-5.7.3/agent/snmpd.c.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/agent/snmpd.c 2015-02-17 13:34:05.736221851 +0100 @@ -164,6 +164,10 @@ typedef long fd_mask; #endif +#ifndef NETSNMP_NO_SYSTEMD +#include +#endif + netsnmp_feature_want(logging_file) netsnmp_feature_want(logging_stdio) netsnmp_feature_want(logging_syslog) @@ -443,18 +447,26 @@ main(int argc, char *argv[]) int agent_mode = -1; char *pid_file = NULL; char option_compatability[] = "-Le"; + int prepared_sockets = 0; #if HAVE_GETPID int fd; FILE *PID; #endif #ifndef WIN32 +#ifndef NETSNMP_NO_SYSYSTEMD + /* check if systemd has sockets for us and don't close them */ + prepared_sockets = netsnmp_sd_listen_fds(0); +#endif /* NETSNMP_NO_SYSYSTEMD */ + /* * close all non-standard file descriptors we may have * inherited from the shell. */ - for (i = getdtablesize() - 1; i > 2; --i) { - (void) close(i); + if (!prepared_sockets) { + for (i = getdtablesize() - 1; i > 2; --i) { + (void) close(i); + } } #endif /* #WIN32 */ @@ -1107,6 +1119,19 @@ main(int argc, char *argv[]) netsnmp_addrcache_initialise(); /* + * Let systemd know we're up. + */ +#ifndef NETSNMP_NO_SYSTEMD + netsnmp_sd_notify(1, "READY=1\n"); + if (prepared_sockets) + /* + * Clear the environment variable, we already processed all the sockets + * by now. + */ + netsnmp_sd_listen_fds(1); +#endif + + /* * Forever monitor the dest_port for incoming PDUs. */ DEBUGMSGTL(("snmpd/main", "We're up. Starting to process data.\n")); diff -up net-snmp-5.7.3/apps/snmptrapd.c.MPGqYh net-snmp-5.7.3/apps/snmptrapd.c --- net-snmp-5.7.3/apps/snmptrapd.c.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/apps/snmptrapd.c 2015-02-17 13:34:05.736221851 +0100 @@ -125,6 +125,10 @@ SOFTWARE. #include +#ifndef NETSNMP_NO_SYSTEMD +#include +#endif + #ifndef BSD4_3 #define BSD4_2 #endif @@ -657,15 +661,22 @@ main(int argc, char *argv[]) int agentx_subagent = 1; #endif netsnmp_trapd_handler *traph; + int prepared_sockets = 0; #ifndef WIN32 +#ifndef NETSNMP_NO_SYSTEMD + /* check if systemd has sockets for us and don't close them */ + prepared_sockets = netsnmp_sd_listen_fds(0); +#endif /* * close all non-standard file descriptors we may have * inherited from the shell. */ - for (i = getdtablesize() - 1; i > 2; --i) { - (void) close(i); + if (!prepared_sockets) { + for (i = getdtablesize() - 1; i > 2; --i) { + (void) close(i); + } } #endif /* #WIN32 */ @@ -1318,6 +1329,19 @@ main(int argc, char *argv[]) #endif #endif + /* + * Let systemd know we're up. + */ +#ifndef NETSNMP_NO_SYSTEMD + netsnmp_sd_notify(1, "READY=1\n"); + if (prepared_sockets) + /* + * Clear the environment variable, we already processed all the sockets + * by now. + */ + netsnmp_sd_listen_fds(1); +#endif + #ifdef WIN32SERVICE trapd_status = SNMPTRAPD_RUNNING; #endif diff -up net-snmp-5.7.3/configure.d/config_modules_lib.MPGqYh net-snmp-5.7.3/configure.d/config_modules_lib --- net-snmp-5.7.3/configure.d/config_modules_lib.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/configure.d/config_modules_lib 2015-02-17 13:34:05.737221850 +0100 @@ -53,6 +53,14 @@ if test "x$PARTIALTARGETOS" = "xmingw32" other_ftobjs_list="$other_ftobjs_list winpipe.ft" fi +# Linux systemd +if test "x$with_systemd" == "xyes"; then + other_src_list="$other_src_list sd-daemon.c" + other_objs_list="$other_objs_list sd-daemon.o" + other_lobjs_list="$other_lobjs_list sd-daemon.lo" + other_ftobjs_list="$other_ftobjs_list sd-daemon.ft" +fi + AC_SUBST(other_src_list) AC_SUBST(other_objs_list) AC_SUBST(other_lobjs_list) diff -up net-snmp-5.7.3/configure.d/config_project_with_enable.MPGqYh net-snmp-5.7.3/configure.d/config_project_with_enable --- net-snmp-5.7.3/configure.d/config_project_with_enable.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/configure.d/config_project_with_enable 2015-02-17 13:34:05.737221850 +0100 @@ -690,6 +690,15 @@ if test "x$with_dummy_values" != "xyes"; data for]) fi +NETSNMP_ARG_WITH(systemd, +[ --with-systemd Provide systemd support. See README.systemd + for details.]) +# Define unless specifically suppressed (i.e., option defaults to false). +if test "x$with_systemd" != "xyes"; then + AC_DEFINE(NETSNMP_NO_SYSTEMD, 1, + [If you don't want to integrate with systemd.]) +fi + NETSNMP_ARG_ENABLE(set-support, [ --disable-set-support Do not allow SNMP set requests.]) if test "x$enable_set_support" = "xno"; then diff -up net-snmp-5.7.3/configure.MPGqYh net-snmp-5.7.3/configure --- net-snmp-5.7.3/configure.MPGqYh 2014-12-08 21:23:37.000000000 +0100 +++ net-snmp-5.7.3/configure 2015-02-17 13:34:05.744221845 +0100 @@ -951,6 +951,8 @@ with_kmem_usage enable_kmem_usage with_dummy_values enable_dummy_values +with_systemd +enable_systemd enable_set_support with_set_support with_sys_contact @@ -1867,6 +1869,8 @@ Configuring the agent: This is technically not compliant with the SNMP specifications, but was how the agent operated for versions < 4.0. + --with-systemd Provide systemd support. See README.systemd + for details. --with-sys-contact="who@where" Default system contact. (Default: LOGIN@DOMAINNAME) --with-sys-location="location" Default system location. @@ -4398,6 +4402,24 @@ $as_echo "#define NETSNMP_NO_DUMMY_VALUE fi + +# Check whether --with-systemd was given. +if test "${with_systemd+set}" = set; then : + withval=$with_systemd; +fi + + # Check whether --enable-systemd was given. +if test "${enable_systemd+set}" = set; then : + enableval=$enable_systemd; as_fn_error $? "Invalid option. Use --with-systemd/--without-systemd instead" "$LINENO" 5 +fi + +# Define unless specifically suppressed (i.e., option defaults to false). +if test "x$with_systemd" != "xyes"; then + +$as_echo "#define NETSNMP_NO_SYSTEMD 1" >>confdefs.h + +fi + # Check whether --enable-set-support was given. if test "${enable_set_support+set}" = set; then : enableval=$enable_set_support; @@ -18639,6 +18661,14 @@ if test "x$PARTIALTARGETOS" = "xmingw32" other_ftobjs_list="$other_ftobjs_list winpipe.ft" fi +# Linux systemd +if test "x$with_systemd" == "xyes"; then + other_src_list="$other_src_list sd-daemon.c" + other_objs_list="$other_objs_list sd-daemon.o" + other_lobjs_list="$other_lobjs_list sd-daemon.lo" + other_ftobjs_list="$other_ftobjs_list sd-daemon.ft" +fi + diff -up net-snmp-5.7.3/dist/snmpd.service.MPGqYh net-snmp-5.7.3/dist/snmpd.service --- net-snmp-5.7.3/dist/snmpd.service.MPGqYh 2015-02-17 13:34:05.745221844 +0100 +++ net-snmp-5.7.3/dist/snmpd.service 2015-02-17 13:34:05.745221844 +0100 @@ -0,0 +1,18 @@ +# +# SNMP agent service file for systemd +# +# +# The service should be enabled, i.e. snmpd should start during machine boot. +# Socket activation shall not be used. See README.systemd for details. + +[Unit] +Description=Simple Network Management Protocol (SNMP) daemon. +After=syslog.target network.target + +[Service] +# Type=notify is also supported. It should be set when snmpd.socket is not used. +Type=simple +ExecStart=/usr/sbin/snmpd -f + +[Install] +WantedBy=multi-user.target diff -up net-snmp-5.7.3/dist/snmpd.socket.MPGqYh net-snmp-5.7.3/dist/snmpd.socket --- net-snmp-5.7.3/dist/snmpd.socket.MPGqYh 2015-02-17 13:34:05.745221844 +0100 +++ net-snmp-5.7.3/dist/snmpd.socket 2015-02-17 13:34:05.745221844 +0100 @@ -0,0 +1,17 @@ +[Unit] +Description=Socket listening for SNMP and AgentX messages + +[Socket] +ListenDatagram=0.0.0.0:161 +# Uncomment other listening addresses as needed - TCP, UDP6, TCP6. +# It must match listening addresses/ports defined in snmpd.service +# or snmpd.conf. +# ListenStream=0.0.0.0:161 +# ListenDatagram=[::]:161 +# ListenStream=[::]:161 +# +# Uncomment AgentX socket if snmpd.conf enables AgentX protocol. +# ListenStream=/var/agentx/master + +[Install] +WantedBy=sockets.target diff -up net-snmp-5.7.3/dist/snmptrapd.service.MPGqYh net-snmp-5.7.3/dist/snmptrapd.service --- net-snmp-5.7.3/dist/snmptrapd.service.MPGqYh 2015-02-17 13:34:05.745221844 +0100 +++ net-snmp-5.7.3/dist/snmptrapd.service 2015-02-17 13:34:05.745221844 +0100 @@ -0,0 +1,16 @@ +# +# SNMP trap-processing service file for systemd +# + +[Unit] +Description=Simple Network Management Protocol (SNMP) Trap daemon. +After=syslog.target network.target + +[Service] +# Type=notify is also supported. It should be set when snmptrapd.socket is not +# used. +Type=simple +ExecStart=/usr/sbin/snmptrapd -f + +[Install] +WantedBy=multi-user.target diff -up net-snmp-5.7.3/dist/snmptrapd.socket.MPGqYh net-snmp-5.7.3/dist/snmptrapd.socket --- net-snmp-5.7.3/dist/snmptrapd.socket.MPGqYh 2015-02-17 13:34:05.745221844 +0100 +++ net-snmp-5.7.3/dist/snmptrapd.socket 2015-02-17 13:34:05.745221844 +0100 @@ -0,0 +1,14 @@ +[Unit] +Description=Socket listening for SNMP trap messages + +[Socket] +ListenDatagram=0.0.0.0:162 +# Uncomment other listening addresses as needed - TCP, UDP6, TCP6. +# It must match listening addresses/ports defined in snmptrapd.service +# or snmptrapd.conf. +# ListenStream=0.0.0.0:162 +# ListenDatagram=[::]:162 +# ListenStream=[::]:162 + +[Install] +WantedBy=sockets.target diff -up net-snmp-5.7.3/include/net-snmp/library/sd-daemon.h.MPGqYh net-snmp-5.7.3/include/net-snmp/library/sd-daemon.h --- net-snmp-5.7.3/include/net-snmp/library/sd-daemon.h.MPGqYh 2015-02-17 13:34:05.746221843 +0100 +++ net-snmp-5.7.3/include/net-snmp/library/sd-daemon.h 2015-02-17 13:34:05.746221843 +0100 @@ -0,0 +1,286 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +#ifndef SNMPD_SD_DAEMON_H +#define SNMPD_SD_DAEMON_H + +/*** + Copyright 2010 Lennart Poettering + + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation files + (the "Software"), to deal in the Software without restriction, + including without limitation the rights to use, copy, modify, merge, + publish, distribute, sublicense, and/or sell copies of the Software, + and to permit persons to whom the Software is furnished to do so, + subject to the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. +***/ + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* + Reference implementation of a few systemd related interfaces for + writing daemons. These interfaces are trivial to implement. To + simplify porting we provide this reference implementation. + Applications are welcome to reimplement the algorithms described + here if they do not want to include these two source files. + + The following functionality is provided: + + - Support for logging with log levels on stderr + - File descriptor passing for socket-based activation + - Daemon startup and status notification + - Detection of systemd boots + + You may compile this with -DDISABLE_SYSTEMD to disable systemd + support. This makes all those calls NOPs that are directly related to + systemd (i.e. only sd_is_xxx() will stay useful). + + Since this is drop-in code we don't want any of our symbols to be + exported in any case. Hence we declare hidden visibility for all of + them. + + You may find an up-to-date version of these source files online: + + http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.h + http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c + + This should compile on non-Linux systems, too, but with the + exception of the sd_is_xxx() calls all functions will become NOPs. + + See sd-daemon(7) for more information. +*/ + +#ifndef _sd_printf_attr_ +#if __GNUC__ >= 4 +#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b))) +#else +#define _sd_printf_attr_(a,b) +#endif +#endif + +/* + Log levels for usage on stderr: + + fprintf(stderr, SD_NOTICE "Hello World!\n"); + + This is similar to printk() usage in the kernel. +*/ +#define SD_EMERG "<0>" /* system is unusable */ +#define SD_ALERT "<1>" /* action must be taken immediately */ +#define SD_CRIT "<2>" /* critical conditions */ +#define SD_ERR "<3>" /* error conditions */ +#define SD_WARNING "<4>" /* warning conditions */ +#define SD_NOTICE "<5>" /* normal but significant condition */ +#define SD_INFO "<6>" /* informational */ +#define SD_DEBUG "<7>" /* debug-level messages */ + +/* The first passed file descriptor is fd 3 */ +#define SD_LISTEN_FDS_START 3 + +/* + Returns how many file descriptors have been passed, or a negative + errno code on failure. Optionally, removes the $LISTEN_FDS and + $LISTEN_PID file descriptors from the environment (recommended, but + problematic in threaded environments). If r is the return value of + this function you'll find the file descriptors passed as fds + SD_LISTEN_FDS_START to SD_LISTEN_FDS_START+r-1. Returns a negative + errno style error code on failure. This function call ensures that + the FD_CLOEXEC flag is set for the passed file descriptors, to make + sure they are not passed on to child processes. If FD_CLOEXEC shall + not be set, the caller needs to unset it after this call for all file + descriptors that are used. + + See sd_listen_fds(3) for more information. +*/ +int netsnmp_sd_listen_fds(int unset_environment); + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is a FIFO in the file system stored under the + specified path, 0 otherwise. If path is NULL a path name check will + not be done and the call only verifies if the file descriptor + refers to a FIFO. Returns a negative errno style error code on + failure. + + See sd_is_fifo(3) for more information. +*/ +int netsnmp_sd_is_fifo(int fd, const char *path); + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is a special character device on the file + system stored under the specified path, 0 otherwise. + If path is NULL a path name check will not be done and the call + only verifies if the file descriptor refers to a special character. + Returns a negative errno style error code on failure. + + See sd_is_special(3) for more information. +*/ +int netsnmp_sd_is_special(int fd, const char *path); + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is a socket of the specified family (AF_INET, + ...) and type (SOCK_DGRAM, SOCK_STREAM, ...), 0 otherwise. If + family is 0 a socket family check will not be done. If type is 0 a + socket type check will not be done and the call only verifies if + the file descriptor refers to a socket. If listening is > 0 it is + verified that the socket is in listening mode. (i.e. listen() has + been called) If listening is == 0 it is verified that the socket is + not in listening mode. If listening is < 0 no listening mode check + is done. Returns a negative errno style error code on failure. + + See sd_is_socket(3) for more information. +*/ +int netsnmp_sd_is_socket(int fd, int family, int type, int listening); + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is an Internet socket, of the specified family + (either AF_INET or AF_INET6) and the specified type (SOCK_DGRAM, + SOCK_STREAM, ...), 0 otherwise. If version is 0 a protocol version + check is not done. If type is 0 a socket type check will not be + done. If port is 0 a socket port check will not be done. The + listening flag is used the same way as in sd_is_socket(). Returns a + negative errno style error code on failure. + + See sd_is_socket_inet(3) for more information. +*/ +int netsnmp_sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port); + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is an AF_UNIX socket of the specified type + (SOCK_DGRAM, SOCK_STREAM, ...) and path, 0 otherwise. If type is 0 + a socket type check will not be done. If path is NULL a socket path + check will not be done. For normal AF_UNIX sockets set length to + 0. For abstract namespace sockets set length to the length of the + socket name (including the initial 0 byte), and pass the full + socket path in path (including the initial 0 byte). The listening + flag is used the same way as in sd_is_socket(). Returns a negative + errno style error code on failure. + + See sd_is_socket_unix(3) for more information. +*/ +int netsnmp_sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length); + +/* + Informs systemd about changed daemon state. This takes a number of + newline separated environment-style variable assignments in a + string. The following variables are known: + + READY=1 Tells systemd that daemon startup is finished (only + relevant for services of Type=notify). The passed + argument is a boolean "1" or "0". Since there is + little value in signaling non-readiness the only + value daemons should send is "READY=1". + + STATUS=... Passes a single-line status string back to systemd + that describes the daemon state. This is free-from + and can be used for various purposes: general state + feedback, fsck-like programs could pass completion + percentages and failing programs could pass a human + readable error message. Example: "STATUS=Completed + 66% of file system check..." + + ERRNO=... If a daemon fails, the errno-style error code, + formatted as string. Example: "ERRNO=2" for ENOENT. + + BUSERROR=... If a daemon fails, the D-Bus error-style error + code. Example: "BUSERROR=org.freedesktop.DBus.Error.TimedOut" + + MAINPID=... The main pid of a daemon, in case systemd did not + fork off the process itself. Example: "MAINPID=4711" + + Daemons can choose to send additional variables. However, it is + recommended to prefix variable names not listed above with X_. + + Returns a negative errno-style error code on failure. Returns > 0 + if systemd could be notified, 0 if it couldn't possibly because + systemd is not running. + + Example: When a daemon finished starting up, it could issue this + call to notify systemd about it: + + sd_notify(0, "READY=1"); + + See sd_notifyf() for more complete examples. + + See sd_notify(3) for more information. +*/ +int netsnmp_sd_notify(int unset_environment, const char *state); + +/* + Similar to sd_notify() but takes a format string. + + Example 1: A daemon could send the following after initialization: + + sd_notifyf(0, "READY=1\n" + "STATUS=Processing requests...\n" + "MAINPID=%lu", + (unsigned long) getpid()); + + Example 2: A daemon could send the following shortly before + exiting, on failure: + + sd_notifyf(0, "STATUS=Failed to start up: %s\n" + "ERRNO=%i", + strerror(errno), + errno); + + See sd_notifyf(3) for more information. +*/ +int netsnmp_sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_attr_(2,3); + +/* + Returns > 0 if the system was booted with systemd. Returns < 0 on + error. Returns 0 if the system was not booted with systemd. Note + that all of the functions above handle non-systemd boots just + fine. You should NOT protect them with a call to this function. Also + note that this function checks whether the system, not the user + session is controlled by systemd. However the functions above work + for both user and system services. + + See sd_booted(3) for more information. +*/ +int netsnmp_sd_booted(void); + +/** + * Find an socket with given parameters. See man sd_is_socket_inet for + * description of the arguments. + * + * Returns the file descriptor if it is found, 0 otherwise. + */ +int netsnmp_sd_find_inet_socket(int family, int type, int listening, int port); + +/** + * Find an unix socket with given parameters. See man sd_is_socket_unix for + * description of the arguments. + * + * Returns the file descriptor if it is found, 0 otherwise. + */ +int +netsnmp_sd_find_unix_socket(int type, int listening, const char *path); + +#ifdef __cplusplus +} +#endif + +#endif /* SNMPD_SD_DAEMON_H */ diff -up net-snmp-5.7.3/include/net-snmp/net-snmp-config.h.in.MPGqYh net-snmp-5.7.3/include/net-snmp/net-snmp-config.h.in --- net-snmp-5.7.3/include/net-snmp/net-snmp-config.h.in.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/include/net-snmp/net-snmp-config.h.in 2015-02-17 13:34:05.746221843 +0100 @@ -1410,6 +1410,9 @@ /* If you don't have root access don't exit upon kmem errors */ #undef NETSNMP_NO_ROOT_ACCESS +/* If you don't want to integrate with systemd. */ +#undef NETSNMP_NO_SYSTEMD + /* Define if you want to remove all SET/write access from the code */ #undef NETSNMP_NO_WRITE_SUPPORT diff -up net-snmp-5.7.3/README.systemd.MPGqYh net-snmp-5.7.3/README.systemd --- net-snmp-5.7.3/README.systemd.MPGqYh 2015-02-17 13:34:05.747221843 +0100 +++ net-snmp-5.7.3/README.systemd 2015-02-17 13:34:05.747221843 +0100 @@ -0,0 +1,41 @@ +README.systemd +-------------- +Net-SNMP provides two daemons, which support systemd system manager. +See http://www.freedesktop.org/wiki/Software/systemd to learn how +systemd works. Both socket activation and notification is supported by these +daemons. + +To enable systemd support, the sources must be compiled with +--with-systemd configure option. + +snmpd - The SNMP agent +---------------------- +Socket activation od snmpd daemon is implemented, but it's discouraged. +The reason is simple - snmpd not only listens and processes SNMP requests +from network, but also gathers system statistics counters, sends traps and +communicates with subagents. It even opens few netlink sockets. + +In other words, snmpd should run from system start to properly work. +This can be done in two ways: +1) either as snmpd service unit with 'Type=notification' and without a socket + unit +2) or as snmpd service unit with 'Type=simple', appropriate socket socket unit + and the snmpd service enabled. This way systemd creates the snmpd listening + socket early during boot and passes the sockets to snmpd slightly later + (but still during machine boot). This way systemd can paralelize start of + services, which depend on snmpd. Admins must adjust the socket file manually, + depending if the snmpd support AgentX, IPv6, SMUX etc. + +snmpd should be started with '-f' command line parameter to disable forking - +systemd does that for us automatically. + + +snmptrapd - The trap processing daemon +-------------------------------------- +snmptrapd supports full socket activation and also notification (if needed). +Both 'Type=simple' (with appropriate socket unit) and 'Type=notify' services +will work. Again, '-f' parameter should be provided on snmptrapd command line. + +If integration with SNMP agent using AgentX protocol is enabled, snmptrapd should +start during boot and not after first SNMP trap arrives. Same rules as for snmpd +applies then. \ No newline at end of file diff -up net-snmp-5.7.3/snmplib/sd-daemon.c.MPGqYh net-snmp-5.7.3/snmplib/sd-daemon.c --- net-snmp-5.7.3/snmplib/sd-daemon.c.MPGqYh 2015-02-17 13:34:05.747221843 +0100 +++ net-snmp-5.7.3/snmplib/sd-daemon.c 2015-02-17 13:34:05.747221843 +0100 @@ -0,0 +1,532 @@ +/* + * Systemd integration parts. + * + * Most of this file is directly copied from systemd sources. + * Changes: + * - all functions were renamed to have netsnmp_ prefix + * - includes were changed to match Net-SNMP style. + * - removed gcc export macros + * - removed POSIX message queues + */ + +#include +#include +#include +#include + +#ifndef NETSNMP_NO_SYSTEMD + +/*** + Copyright 2010 Lennart Poettering + + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation files + (the "Software"), to deal in the Software without restriction, + including without limitation the rights to use, copy, modify, merge, + publish, distribute, sublicense, and/or sell copies of the Software, + and to permit persons to whom the Software is furnished to do so, + subject to the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. +***/ + +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +int netsnmp_sd_listen_fds(int unset_environment) { + + int r, fd; + const char *e; + char *p = NULL; + unsigned long l; + + if (!(e = getenv("LISTEN_PID"))) { + r = 0; + goto finish; + } + + errno = 0; + l = strtoul(e, &p, 10); + + if (errno != 0) { + r = -errno; + goto finish; + } + + if (!p || *p || l <= 0) { + r = -EINVAL; + goto finish; + } + + /* Is this for us? */ + if (getpid() != (pid_t) l) { + r = 0; + goto finish; + } + + if (!(e = getenv("LISTEN_FDS"))) { + r = 0; + goto finish; + } + + errno = 0; + l = strtoul(e, &p, 10); + + if (errno != 0) { + r = -errno; + goto finish; + } + + if (!p || *p) { + r = -EINVAL; + goto finish; + } + + for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) { + int flags; + + if ((flags = fcntl(fd, F_GETFD)) < 0) { + r = -errno; + goto finish; + } + + if (flags & FD_CLOEXEC) + continue; + + if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) { + r = -errno; + goto finish; + } + } + + r = (int) l; + +finish: + if (unset_environment) { + unsetenv("LISTEN_PID"); + unsetenv("LISTEN_FDS"); + } + + return r; +} + +int netsnmp_sd_is_fifo(int fd, const char *path) { + struct stat st_fd; + + if (fd < 0) + return -EINVAL; + + memset(&st_fd, 0, sizeof(st_fd)); + if (fstat(fd, &st_fd) < 0) + return -errno; + + if (!S_ISFIFO(st_fd.st_mode)) + return 0; + + if (path) { + struct stat st_path; + + memset(&st_path, 0, sizeof(st_path)); + if (stat(path, &st_path) < 0) { + + if (errno == ENOENT || errno == ENOTDIR) + return 0; + + return -errno; + } + + return + st_path.st_dev == st_fd.st_dev && + st_path.st_ino == st_fd.st_ino; + } + + return 1; +} + +int netsnmp_sd_is_special(int fd, const char *path) { + struct stat st_fd; + + if (fd < 0) + return -EINVAL; + + if (fstat(fd, &st_fd) < 0) + return -errno; + + if (!S_ISREG(st_fd.st_mode) && !S_ISCHR(st_fd.st_mode)) + return 0; + + if (path) { + struct stat st_path; + + if (stat(path, &st_path) < 0) { + + if (errno == ENOENT || errno == ENOTDIR) + return 0; + + return -errno; + } + + if (S_ISREG(st_fd.st_mode) && S_ISREG(st_path.st_mode)) + return + st_path.st_dev == st_fd.st_dev && + st_path.st_ino == st_fd.st_ino; + else if (S_ISCHR(st_fd.st_mode) && S_ISCHR(st_path.st_mode)) + return st_path.st_rdev == st_fd.st_rdev; + else + return 0; + } + + return 1; +} + +static int sd_is_socket_internal(int fd, int type, int listening) { + struct stat st_fd; + + if (fd < 0 || type < 0) + return -EINVAL; + + if (fstat(fd, &st_fd) < 0) + return -errno; + + if (!S_ISSOCK(st_fd.st_mode)) + return 0; + + if (type != 0) { + int other_type = 0; + socklen_t l = sizeof(other_type); + + if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0) + return -errno; + + if (l != sizeof(other_type)) + return -EINVAL; + + if (other_type != type) + return 0; + } + + if (listening >= 0) { + int accepting = 0; + socklen_t l = sizeof(accepting); + + if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0) + return -errno; + + if (l != sizeof(accepting)) + return -EINVAL; + + if (!accepting != !listening) + return 0; + } + + return 1; +} + +union sockaddr_union { + struct sockaddr sa; + struct sockaddr_in in4; + struct sockaddr_in6 in6; + struct sockaddr_un un; + struct sockaddr_storage storage; +}; + +int netsnmp_sd_is_socket(int fd, int family, int type, int listening) { + int r; + + if (family < 0) + return -EINVAL; + + if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) + return r; + + if (family > 0) { + union sockaddr_union sockaddr; + socklen_t l; + + memset(&sockaddr, 0, sizeof(sockaddr)); + l = sizeof(sockaddr); + + if (getsockname(fd, &sockaddr.sa, &l) < 0) + return -errno; + + if (l < sizeof(sa_family_t)) + return -EINVAL; + + return sockaddr.sa.sa_family == family; + } + + return 1; +} + +int netsnmp_sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) { + union sockaddr_union sockaddr; + socklen_t l; + int r; + + if (family != 0 && family != AF_INET && family != AF_INET6) + return -EINVAL; + + if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) + return r; + + memset(&sockaddr, 0, sizeof(sockaddr)); + l = sizeof(sockaddr); + + if (getsockname(fd, &sockaddr.sa, &l) < 0) + return -errno; + + if (l < sizeof(sa_family_t)) + return -EINVAL; + + if (sockaddr.sa.sa_family != AF_INET && + sockaddr.sa.sa_family != AF_INET6) + return 0; + + if (family > 0) + if (sockaddr.sa.sa_family != family) + return 0; + + if (port > 0) { + if (sockaddr.sa.sa_family == AF_INET) { + if (l < sizeof(struct sockaddr_in)) + return -EINVAL; + + return htons(port) == sockaddr.in4.sin_port; + } else { + if (l < sizeof(struct sockaddr_in6)) + return -EINVAL; + + return htons(port) == sockaddr.in6.sin6_port; + } + } + + return 1; +} + +int netsnmp_sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) { + union sockaddr_union sockaddr; + socklen_t l; + int r; + + if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) + return r; + + memset(&sockaddr, 0, sizeof(sockaddr)); + l = sizeof(sockaddr); + + if (getsockname(fd, &sockaddr.sa, &l) < 0) + return -errno; + + if (l < sizeof(sa_family_t)) + return -EINVAL; + + if (sockaddr.sa.sa_family != AF_UNIX) + return 0; + + if (path) { + if (length <= 0) + length = strlen(path); + + if (length <= 0) + /* Unnamed socket */ + return l == offsetof(struct sockaddr_un, sun_path); + + if (path[0]) + /* Normal path socket */ + return + (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) && + memcmp(path, sockaddr.un.sun_path, length+1) == 0; + else + /* Abstract namespace socket */ + return + (l == offsetof(struct sockaddr_un, sun_path) + length) && + memcmp(path, sockaddr.un.sun_path, length) == 0; + } + + return 1; +} + +int netsnmp_sd_notify(int unset_environment, const char *state) { + int fd = -1, r; + struct msghdr msghdr; + struct iovec iovec; + union sockaddr_union sockaddr; + const char *e; + + if (!state) { + r = -EINVAL; + goto finish; + } + + if (!(e = getenv("NOTIFY_SOCKET"))) + return 0; + + /* Must be an abstract socket, or an absolute path */ + if ((e[0] != '@' && e[0] != '/') || e[1] == 0) { + r = -EINVAL; + goto finish; + } + + if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) { + r = -errno; + goto finish; + } + + memset(&sockaddr, 0, sizeof(sockaddr)); + sockaddr.sa.sa_family = AF_UNIX; + strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path)); + + if (sockaddr.un.sun_path[0] == '@') + sockaddr.un.sun_path[0] = 0; + + memset(&iovec, 0, sizeof(iovec)); + iovec.iov_base = (char *)state; + iovec.iov_len = strlen(state); + + memset(&msghdr, 0, sizeof(msghdr)); + msghdr.msg_name = &sockaddr; + msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e); + + if (msghdr.msg_namelen > sizeof(struct sockaddr_un)) + msghdr.msg_namelen = sizeof(struct sockaddr_un); + + msghdr.msg_iov = &iovec; + msghdr.msg_iovlen = 1; + + if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) { + r = -errno; + goto finish; + } + + r = 1; + +finish: + if (unset_environment) + unsetenv("NOTIFY_SOCKET"); + + if (fd >= 0) + close(fd); + + return r; +} + +int netsnmp_sd_notifyf(int unset_environment, const char *format, ...) { + va_list ap; + char *p = NULL; + int r; + + va_start(ap, format); + r = vasprintf(&p, format, ap); + va_end(ap); + + if (r < 0 || !p) + return -ENOMEM; + + r = netsnmp_sd_notify(unset_environment, p); + free(p); + + return r; +} + +int netsnmp_sd_booted(void) { + struct stat a, b; + + /* We simply test whether the systemd cgroup hierarchy is + * mounted */ + + if (lstat("/sys/fs/cgroup", &a) < 0) + return 0; + + if (lstat("/sys/fs/cgroup/systemd", &b) < 0) + return 0; + + return a.st_dev != b.st_dev; +} + +/* End of original sd-daemon.c from systemd sources */ + +int +netsnmp_sd_find_inet_socket(int family, int type, int listening, int port) +{ + int count, fd; + + count = netsnmp_sd_listen_fds(0); + if (count <= 0) { + DEBUGMSGTL(("systemd:find_inet_socket", "No LISTEN_FDS found.\n")); + return 0; + } + DEBUGMSGTL(("systemd:find_inet_socket", "LISTEN_FDS reports %d sockets.\n", + count)); + + for (fd = 3; fd < 3+count; fd++) { + int rc = netsnmp_sd_is_socket_inet(fd, family, type, listening, port); + if (rc < 0) + DEBUGMSGTL(("systemd:find_inet_socket", + "sd_is_socket_inet error: %d\n", rc)); + if (rc > 0) { + DEBUGMSGTL(("systemd:find_inet_socket", + "Found the socket in LISTEN_FDS\n")); + return fd; + } + } + DEBUGMSGTL(("systemd:find_inet_socket", "Socket not found in LISTEN_FDS\n")); + return 0; +} + +int +netsnmp_sd_find_unix_socket(int type, int listening, const char *path) +{ + int count, fd; + + count = netsnmp_sd_listen_fds(0); + if (count <= 0) { + DEBUGMSGTL(("systemd:find_unix_socket", "No LISTEN_FDS found.\n")); + return 0; + } + DEBUGMSGTL(("systemd:find_unix_socket", "LISTEN_FDS reports %d sockets.\n", + count)); + + for (fd = 3; fd < 3+count; fd++) { + int rc = netsnmp_sd_is_socket_unix(fd, type, listening, path, 0); + if (rc < 0) + DEBUGMSGTL(("systemd:find_unix_socket", + "netsnmp_sd_is_socket_unix error: %d\n", rc)); + if (rc > 0) { + DEBUGMSGTL(("systemd:find_unix_socket", + "Found the socket in LISTEN_FDS\n")); + return fd; + } + } + DEBUGMSGTL(("systemd:find_unix_socket", "Socket not found in LISTEN_FDS\n")); + return 0; +} + +#endif /* ! NETSNMP_NO_SYSTEMD */ diff -up net-snmp-5.7.3/snmplib/transports/snmpTCPDomain.c.MPGqYh net-snmp-5.7.3/snmplib/transports/snmpTCPDomain.c --- net-snmp-5.7.3/snmplib/transports/snmpTCPDomain.c.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/snmplib/transports/snmpTCPDomain.c 2015-02-17 13:34:05.748221842 +0100 @@ -43,6 +43,10 @@ #include #include +#ifndef NETSNMP_NO_SYSTEMD +#include +#endif + /* * needs to be in sync with the definitions in snmplib/snmpUDPDomain.c * and perl/agent/agent.xs @@ -149,6 +153,7 @@ netsnmp_tcp_transport(struct sockaddr_in netsnmp_transport *t = NULL; netsnmp_udp_addr_pair *addr_pair = NULL; int rc = 0; + int socket_initialized = 0; #ifdef NETSNMP_NO_LISTEN_SUPPORT if (local) @@ -178,7 +183,19 @@ netsnmp_tcp_transport(struct sockaddr_in t->domain_length = sizeof(netsnmp_snmpTCPDomain) / sizeof(netsnmp_snmpTCPDomain[0]); - t->sock = socket(PF_INET, SOCK_STREAM, 0); +#ifndef NETSNMP_NO_SYSTEMD + /* + * Maybe the socket was already provided by systemd... + */ + if (local) { + t->sock = netsnmp_sd_find_inet_socket(PF_INET, SOCK_STREAM, 1, + ntohs(addr->sin_port)); + if (t->sock) + socket_initialized = 1; + } +#endif + if (!socket_initialized) + t->sock = socket(PF_INET, SOCK_STREAM, 0); if (t->sock < 0) { netsnmp_transport_free(t); return NULL; @@ -215,11 +232,13 @@ netsnmp_tcp_transport(struct sockaddr_in setsockopt(t->sock, SOL_SOCKET, SO_REUSEADDR, (void *)&opt, sizeof(opt)); - rc = bind(t->sock, (struct sockaddr *)addr, sizeof(struct sockaddr)); - if (rc != 0) { - netsnmp_socketbase_close(t); - netsnmp_transport_free(t); - return NULL; + if (!socket_initialized) { + rc = bind(t->sock, (struct sockaddr *)addr, sizeof(struct sockaddr)); + if (rc != 0) { + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); + return NULL; + } } /* @@ -235,12 +254,13 @@ netsnmp_tcp_transport(struct sockaddr_in /* * Now sit here and wait for connections to arrive. */ - - rc = listen(t->sock, NETSNMP_STREAM_QUEUE_LEN); - if (rc != 0) { - netsnmp_socketbase_close(t); - netsnmp_transport_free(t); - return NULL; + if (!socket_initialized) { + rc = listen(t->sock, NETSNMP_STREAM_QUEUE_LEN); + if (rc != 0) { + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); + return NULL; + } } /* diff -up net-snmp-5.7.3/snmplib/transports/snmpTCPIPv6Domain.c.MPGqYh net-snmp-5.7.3/snmplib/transports/snmpTCPIPv6Domain.c --- net-snmp-5.7.3/snmplib/transports/snmpTCPIPv6Domain.c.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/snmplib/transports/snmpTCPIPv6Domain.c 2015-02-17 13:34:05.748221842 +0100 @@ -49,6 +49,10 @@ #include #include +#ifndef NETSNMP_NO_SYSTEMD +#include +#endif + #include "inet_ntop.h" oid netsnmp_TCPIPv6Domain[] = { TRANSPORT_DOMAIN_TCP_IPV6 }; @@ -140,6 +144,7 @@ netsnmp_tcp6_transport(struct sockaddr_i { netsnmp_transport *t = NULL; int rc = 0; + int socket_initialized = 0; #ifdef NETSNMP_NO_LISTEN_SUPPORT if (local) @@ -174,7 +179,19 @@ netsnmp_tcp6_transport(struct sockaddr_i t->domain = netsnmp_TCPIPv6Domain; t->domain_length = sizeof(netsnmp_TCPIPv6Domain) / sizeof(oid); - t->sock = socket(PF_INET6, SOCK_STREAM, 0); +#ifndef NETSNMP_NO_SYSTEMD + /* + * Maybe the socket was already provided by systemd... + */ + if (local) { + t->sock = netsnmp_sd_find_inet_socket(PF_INET6, SOCK_STREAM, 1, + ntohs(addr->sin6_port)); + if (t->sock) + socket_initialized = 1; + } +#endif + if (!socket_initialized) + t->sock = socket(PF_INET6, SOCK_STREAM, 0); if (t->sock < 0) { netsnmp_transport_free(t); return NULL; @@ -220,12 +237,14 @@ netsnmp_tcp6_transport(struct sockaddr_i setsockopt(t->sock, SOL_SOCKET, SO_REUSEADDR, (void *)&opt, sizeof(opt)); - rc = bind(t->sock, (struct sockaddr *) addr, - sizeof(struct sockaddr_in6)); - if (rc != 0) { - netsnmp_socketbase_close(t); - netsnmp_transport_free(t); - return NULL; + if (!socket_initialized) { + rc = bind(t->sock, (struct sockaddr *) addr, + sizeof(struct sockaddr_in6)); + if (rc != 0) { + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); + return NULL; + } } /* @@ -242,11 +261,13 @@ netsnmp_tcp6_transport(struct sockaddr_i * Now sit here and wait for connections to arrive. */ - rc = listen(t->sock, NETSNMP_STREAM_QUEUE_LEN); - if (rc != 0) { - netsnmp_socketbase_close(t); - netsnmp_transport_free(t); - return NULL; + if (!socket_initialized) { + rc = listen(t->sock, NETSNMP_STREAM_QUEUE_LEN); + if (rc != 0) { + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); + return NULL; + } } /* diff -up net-snmp-5.7.3/snmplib/transports/snmpUDPIPv4BaseDomain.c.MPGqYh net-snmp-5.7.3/snmplib/transports/snmpUDPIPv4BaseDomain.c --- net-snmp-5.7.3/snmplib/transports/snmpUDPIPv4BaseDomain.c.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/snmplib/transports/snmpUDPIPv4BaseDomain.c 2015-02-17 13:36:22.744123462 +0100 @@ -40,6 +40,10 @@ #include +#ifndef NETSNMP_NO_SYSTEMD +#include +#endif + #if defined(HAVE_IP_PKTINFO) || defined(HAVE_IP_RECVDSTADDR) int netsnmp_udpipv4_recvfrom(int s, void *buf, int len, struct sockaddr *from, socklen_t *fromlen, struct sockaddr *dstip, @@ -64,6 +68,7 @@ netsnmp_udpipv4base_transport(struct soc char *client_socket = NULL; netsnmp_indexed_addr_pair addr_pair; socklen_t local_addr_len; + int socket_initialized = 0; #ifdef NETSNMP_NO_LISTEN_SUPPORT if (local) @@ -88,7 +93,20 @@ netsnmp_udpipv4base_transport(struct soc free(str); } - t->sock = socket(PF_INET, SOCK_DGRAM, 0); +#ifndef NETSNMP_NO_SYSTEMD + /* + * Maybe the socket was already provided by systemd... + */ + if (local) { + t->sock = netsnmp_sd_find_inet_socket(PF_INET, SOCK_DGRAM, -1, + ntohs(addr->sin_port)); + if (t->sock) + socket_initialized = 1; + } +#endif + if (!socket_initialized) + t->sock = socket(PF_INET, SOCK_DGRAM, 0); + DEBUGMSGTL(("UDPBase", "openned socket %d as local=%d\n", t->sock, local)); if (t->sock < 0) { netsnmp_transport_free(t); @@ -151,12 +169,14 @@ netsnmp_udpipv4base_transport(struct soc } } #endif /* !defined(WIN32) */ - rc = bind(t->sock, (struct sockaddr *) addr, - sizeof(struct sockaddr)); - if (rc != 0) { - netsnmp_socketbase_close(t); - netsnmp_transport_free(t); - return NULL; + if (!socket_initialized) { + rc = bind(t->sock, (struct sockaddr *) addr, + sizeof(struct sockaddr)); + if (rc != 0) { + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); + return NULL; + } } t->data = NULL; t->data_length = 0; diff -up net-snmp-5.7.3/snmplib/transports/snmpUDPIPv6Domain.c.MPGqYh net-snmp-5.7.3/snmplib/transports/snmpUDPIPv6Domain.c --- net-snmp-5.7.3/snmplib/transports/snmpUDPIPv6Domain.c.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/snmplib/transports/snmpUDPIPv6Domain.c 2015-02-17 13:37:16.256087147 +0100 @@ -67,6 +67,10 @@ static const struct in6_addr in6addr_any #include #include +#ifndef NETSNMP_NO_SYSTEMD +#include +#endif + #include "inet_ntop.h" #include "inet_pton.h" @@ -190,6 +194,7 @@ netsnmp_udp6_transport(struct sockaddr_i { netsnmp_transport *t = NULL; int rc = 0; + int socket_initialized = 0; #ifdef NETSNMP_NO_LISTEN_SUPPORT if (local) @@ -217,7 +222,19 @@ netsnmp_udp6_transport(struct sockaddr_i t->domain_length = sizeof(netsnmp_UDPIPv6Domain) / sizeof(netsnmp_UDPIPv6Domain[0]); - t->sock = socket(PF_INET6, SOCK_DGRAM, 0); +#ifndef NETSNMP_NO_SYSTEMD + /* + * Maybe the socket was already provided by systemd... + */ + if (local) { + t->sock = netsnmp_sd_find_inet_socket(PF_INET6, SOCK_DGRAM, -1, + ntohs(addr->sin6_port)); + if (t->sock) + socket_initialized = 1; + } +#endif + if (!socket_initialized) + t->sock = socket(PF_INET6, SOCK_DGRAM, 0); if (t->sock < 0) { netsnmp_transport_free(t); return NULL; @@ -242,13 +259,14 @@ netsnmp_udp6_transport(struct sockaddr_i } } #endif - - rc = bind(t->sock, (struct sockaddr *) addr, - sizeof(struct sockaddr_in6)); - if (rc != 0) { - netsnmp_socketbase_close(t); - netsnmp_transport_free(t); - return NULL; + if (!socket_initialized) { + rc = bind(t->sock, (struct sockaddr *) addr, + sizeof(struct sockaddr_in6)); + if (rc != 0) { + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); + return NULL; + } } t->local = (unsigned char*)malloc(18); if (t->local == NULL) { diff -up net-snmp-5.7.3/snmplib/transports/snmpUnixDomain.c.MPGqYh net-snmp-5.7.3/snmplib/transports/snmpUnixDomain.c --- net-snmp-5.7.3/snmplib/transports/snmpUnixDomain.c.MPGqYh 2014-12-08 21:23:22.000000000 +0100 +++ net-snmp-5.7.3/snmplib/transports/snmpUnixDomain.c 2015-02-17 13:34:05.749221841 +0100 @@ -37,6 +37,10 @@ #include /* mkdirhier */ #include +#ifndef NETSNMP_NO_SYSTEMD +#include +#endif + netsnmp_feature_child_of(transport_unix_socket_all, transport_all) netsnmp_feature_child_of(unix_socket_paths, transport_unix_socket_all) @@ -295,6 +299,7 @@ netsnmp_unix_transport(struct sockaddr_u netsnmp_transport *t = NULL; sockaddr_un_pair *sup = NULL; int rc = 0; + int socket_initialized = 0; #ifdef NETSNMP_NO_LISTEN_SUPPORT /* SPECIAL CIRCUMSTANCE: We still want AgentX to be able to operate, @@ -333,7 +338,18 @@ netsnmp_unix_transport(struct sockaddr_u t->data_length = sizeof(sockaddr_un_pair); sup = (sockaddr_un_pair *) t->data; - t->sock = socket(PF_UNIX, SOCK_STREAM, 0); +#ifndef NETSNMP_NO_SYSTEMD + /* + * Maybe the socket was already provided by systemd... + */ + if (local) { + t->sock = netsnmp_sd_find_unix_socket(SOCK_STREAM, 1, addr->sun_path); + if (t->sock) + socket_initialized = 1; + } +#endif + if (!socket_initialized) + t->sock = socket(PF_UNIX, SOCK_STREAM, 0); if (t->sock < 0) { netsnmp_transport_free(t); return NULL; @@ -357,25 +373,26 @@ netsnmp_unix_transport(struct sockaddr_u t->flags |= NETSNMP_TRANSPORT_FLAG_LISTEN; - unlink(addr->sun_path); - rc = bind(t->sock, (struct sockaddr *) addr, SUN_LEN(addr)); - - if (rc != 0 && errno == ENOENT && create_path) { - rc = mkdirhier(addr->sun_path, create_mode, 1); + if (!socket_initialized) { + unlink(addr->sun_path); + rc = bind(t->sock, (struct sockaddr *) addr, SUN_LEN(addr)); + if (rc != 0 && errno == ENOENT && create_path) { + rc = mkdirhier(addr->sun_path, create_mode, 1); + if (rc != 0) { + netsnmp_unix_close(t); + netsnmp_transport_free(t); + return NULL; + } + rc = bind(t->sock, (struct sockaddr *) addr, SUN_LEN(addr)); + } if (rc != 0) { + DEBUGMSGTL(("netsnmp_unix_transport", + "couldn't bind \"%s\", errno %d (%s)\n", + addr->sun_path, errno, strerror(errno))); netsnmp_unix_close(t); netsnmp_transport_free(t); return NULL; } - rc = bind(t->sock, (struct sockaddr *) addr, SUN_LEN(addr)); - } - if (rc != 0) { - DEBUGMSGTL(("netsnmp_unix_transport", - "couldn't bind \"%s\", errno %d (%s)\n", - addr->sun_path, errno, strerror(errno))); - netsnmp_unix_close(t); - netsnmp_transport_free(t); - return NULL; } /* @@ -391,16 +408,17 @@ netsnmp_unix_transport(struct sockaddr_u * Now sit here and listen for connections to arrive. */ - rc = listen(t->sock, NETSNMP_STREAM_QUEUE_LEN); - if (rc != 0) { - DEBUGMSGTL(("netsnmp_unix_transport", - "couldn't listen to \"%s\", errno %d (%s)\n", - addr->sun_path, errno, strerror(errno))); - netsnmp_unix_close(t); - netsnmp_transport_free(t); - return NULL; + if (!socket_initialized) { + rc = listen(t->sock, NETSNMP_STREAM_QUEUE_LEN); + if (rc != 0) { + DEBUGMSGTL(("netsnmp_unix_transport", + "couldn't listen to \"%s\", errno %d (%s)\n", + addr->sun_path, errno, strerror(errno))); + netsnmp_unix_close(t); + netsnmp_transport_free(t); + return NULL; + } } - } else { t->remote = (u_char *)malloc(strlen(addr->sun_path)); if (t->remote == NULL) {